Key Stretching - History

History

The first deliberately slow password-based key derivation function was called "CRYPT" and was published by Robert Morris in 1978 for encrypting Unix passwords. It used an iteration count of 25, a 12-bit salt and a variant of DES as the sub-function. (DES proper was avoided in an attempt to frustrate attacks using standard DES hardware.) It also limited passwords to a maximum of eight ASCII characters. While it seemed a great advance at the time, CRYPT(3) is now considered inadequate. The iteration count, designed for the PDP-11 era, is too low, 12 bits of salt is an inconvenience but does not stop precomputed dictionary attacks, and the 8 character limit prevents the use of stronger passphrases.

Modern password-based key derivation functions, such as PBKDF2 (specified in RFC 2898), use a cryptographic hash, such as MD5 or SHA1, more salt (e.g. 64 bits) and a high iteration count (often 1000 or more). There have been proposals, such as scrypt to use algorithms that require large amounts of computer memory and other computing resources to make custom hardware attacks more difficult to mount.

In 2009, a new key strengthening algorithm, scrypt, was introduced that demands large amounts of memory to evaluate, limiting the use of custom, highly parallel hardware to speed up key testing.

Read more about this topic:  Key Stretching

Famous quotes containing the word history:

    Bias, point of view, fury—are they ... so dangerous and must they be ironed out of history, the hills flattened and the contours leveled? The professors talk ... about passion and point of view in history as a Calvinist talks about sin in the bedroom.
    Catherine Drinker Bowen (1897–1973)

    Throughout the history of commercial life nobody has ever quite liked the commission man. His function is too vague, his presence always seems one too many, his profit looks too easy, and even when you admit that he has a necessary function, you feel that this function is, as it were, a personification of something that in an ethical society would not need to exist. If people could deal with one another honestly, they would not need agents.
    Raymond Chandler (1888–1959)

    History is not what you thought. It is what you can remember. All other history defeats itself.
    In Beverly Hills ... they don’t throw their garbage away. They make it into television shows.
    Idealism is the despot of thought, just as politics is the despot of will.
    Mikhail Bakunin (1814–1876)